Accelerated Federation Management

»

Details below

Supports Sun Certification

Languages

Back to top

Who Can Benefit

Back to top

Prerequisites

• Demonstrate proficiency with the Solaris(TM)Operating System
• Navigate a directory information tree (DIT)
• Install the Java ES
• Demonstrate proficiency with XML and interpret Document Type Definition (DTD) files Demonstrate familiarity with Hypertext Markup Language (HTML)
• Demonstrate familiarity with Java programming and JavaServer Pages(TM) [JSP(TM) pages]

Back to top

Skills Gained

• Define the role of Access Manager and list the features and functions of Access Manager that address key business challenges
• Configure Access Manager and Policy Agents
• Configure and customize authentication and SSO
• Configure, administer, personalize, and customize authorization
• Describe the Security Assertions Markup Language (SAML) and federated identity, and their implementation in Access Manager
• Implement advanced deployment scenarios, including high availability
• Describe the basic architecture and components of the Sun Java(TM) System Portal Server 6 2005Q1
• Install the Portal Server
• Install and customize a new portal desktop
• Install new JSR-168-compliant portlets
• Enable portal localization
• Customize the portal login screens
• Configure the Portal Server search, subscription, and discussion services
• Manage users through the Sun Java(TM) System
• Access Manager (Access Manager)and manage application integration and single sign-on
• Configure delegated administration, Netlet, NetFile services, and multiple servers
• Install and configure the Secure Remote Access (SRA) service

Back to top

Course Content

Module 1 - Installing Sun Java System Access Manager

• Define identity and federated identity
• Describe the Sun Java System identity management framework
• Identify Access Manager components
• Describe Policy Agent software Lab (1.5 hours):
• Describe the hardware and pre-installed files on your lab system
• Install the Directory Server EE and Web Server software
• Install the Access Manager software

Module 2 - Configuring and Deploying Access Manager and Policy Agent Software

• Identify deployment components
• List basic deployment scenarios
• Identify Java ES installation options that impact deployment
• Describe Access Manager configuration
• Configure Policy Agent instances
• Configure secure sockets layer (SSL) with Access Manager
• Start and stop Access Manager and Policy Agent instances
• Secure the Access Manager web container
• Configure the Access Manager instance
• Configure the Example Chocolates web site
• Install and configure Policy Agent software (3.75 hours)

Module 3 - Configuring Access Manager Realms

• Describe the types of data that Access Manager uses
• Describe Access Manager realms
• Describe realm and legacy modes
• Describe data store types
• Configure data stores
• Describe Access Manager management tools
• Create and configure realms
• Prepare the Example Chocolates user directory
• Create a realm using the CLI
• Create and configure realms using the console and the CLI

Module 4 - Configuring Access Manager Services

• Describe Access Manager services
• Configure Access Manager services using the console
• Configure Access Manager services using the CLI
• Describe service configuration for new realms Lab:
• Locate service files
• Configure the Session Service using the CLI
• Configure the Session Service using the console
• Describe the service configuration for a new realm

Module 5 - Logging, Debugging, and Monitoring

• Locate, configure, and interpret Access Manager log files and database tables
• Locate and configure debug files
• Locate and configure Policy Agent log files
• Monitor Access Manager instances using Java ES monitoring
• Review Access Manager log files
• Log to a relational database
• Enable message-level debugging
• Monitor Java ES objects (optional)

Module 6 - Configuring Authentication

• Describe the Access Manager authentication process
• Configure Access Manager sessions
• Describe SSO
• Configure a customized authentication interface
• Configure data store authentication
• Configure an authentication chain with multiple authentication module instances
• Configure account lockout for a realm
• Use Access Manager for programmatic authentication (optional)
• Customize the authentication interface templates for a realm (optional)
• Localize the authentication interface for a realm (optional)

Module 7 - Configuring Policy

• Describe policy
• Describe the policy architecture
• Describe policy components
• Describe policy storage
• Administer policy
• Configure policies using the console
• Delegate administration
• Configure a different default login URL in the Policy Agent
• Create policies for the Example Chocolates web site
• Create a policy that uses realm authentication
• Delegate administration to user

Module 8 - Exploring Policy Evaluation

• Describe policy evaluation principles
• Examine a policy evaluation example
• Locate policy evaluation request and policy decision documents and review the Access Manager policy log files

Module 9 - Analyzing Federated Identity Scenarios

• Define federated identity
• Identify business scenarios addressed by federated identity
• Describe basic federated identity technologies and how they solve business problems
• Describe federation frameworks
• Describe the Security Assertion Markup Language (SAML)
• Analyze business problems addressed by federated identity and describe technologies that provide solutions

Module 10 - Configuring SAML Version 1 Single Sign-On

• Describe SAML 1 assertions, protocols, and bindings
• Describe SAML 1 profiles
• Configure SAML 1 support on Access Manager
• Sign SAML assertions
• Configure SSO using SAML version 1.1

Module 11 - Examining Advanced Federation

• Describe advanced federated identity technologies
• Identify advanced identity federation frameworks
• Describe framework implementation in Access Manager
• Federate accounts on an identity provider and a service provider
• Federate and defederate accounts

Module 12 - Deploying Access Manager for High Availability

• Describe cross-domain single sign-on (CDSSO)
• Describe and configure distributed authentication
• Describe and configure high availability
• Perform advanced configuration
• Configure and secure new Web Server instances
• Configure a second Access Manager instance
• Configure the Policy Agent to fail over to the second Access Manager instance
• Configure the Policy Agent to work with load-balanced Access Manager instances

Module 13 - Introducing the Portal Server

• Describe the Portal Server
• Describe the Portal Server architecture
• Describe the features of the Portal Server
• Describe secure remote access and mobile access
• Describe multiple operating system support
• Describe multiple web container support

Module 14 - Installing the Portal Server

• Identify the operating system requirements for installing the Portal Server
• Identify the hardware requirements for installing the Portal Server
• Identify the software requirements for installing the Portal Server
• Identify browser requirements to be used with the Portal Server
• Identify typical deployment scenarios
• Describe the components that are installed with the Portal Server
• Describe the installation procedures for the Portal Server
• Describe the file system layout after Portal Server installation
• Describe how to verify the Portal Server installation
• Describe how to uninstall the Portal Server
• Describe how to tune the Portal Server

Module 15 - Configuring a Portal

• Describe the role of the Access Manager in the Portal Server
• Log in to the Access Manager console as an administrator
• Create and test a new organization
• Identify the tasks required to manage a new organization

Module 16 - Configuring the Portal Server Desktop

• Describe the Portal Server desktop
• Describe the Portal Server desktop components
• Describe the content providers included with the sample portal
• Describe the Portal Server desktop display profile
• Describe the desktop service configuration

Module 17 - Configuring Portal Server Channels

• List the methods for adding new content to a Portal Server implementation
• Examine and configure a URL scraper provider, and identify the role of the Rewriter
• Describe extensible style sheet language transformations (XSLTs) and their role in transforming XML documents
• Examine and configure an XML building-block provider
• Describe the portlet rationale and JSR-168
• Describe Web Services for Remote Portlets (WSRP)
• Describe the WSRP rationale
• Describe WSRP producers
• Describe WSRP consumers

Module 18 - Branding and Localizing the Portal

• Describe the files used to customize a portal's look and feel
• Describe the files created to customize the appearance of a Portal Server desktop
• Describe an example of how to modify the appearance of a Tab Container
• Describe the use of display profile themes
• Describe the properties used to draw a leaf channel
• Describe an example of how leaf channels are drawn
• Describe the Theme Tag Library
• Localize the Portal Server desktop
• Localize dynamic provider portal content
• Localize static portal content

Module 19 - Customizing the Authentication Interface

• Customize the appearance and content of the authentication graphical user interface (GUI)
• Describe localization options for the authentication interface
• Modify the UserInfo channel to allow user modification of an LDAP password

Module 20 - Configuring Portal Server Services

• Describe the Portal Server search service
• Configure the search service provider
• Administer the database taxonomy
• Perform searches using the search channel
• Describe the Portal Server subscription service
• Configure the subscription service
• Subscribe to a topic
• Describe the Portal Server discussion service
• Configure the discussion service

Module 21 - Managing Users and Delegating Administration

• Explain Portal Server users, roles, and access control
• Create users within an organization
• Create roles within an organization
• Add users to roles
• Customize roles through service templates
• Describe delegated administration
• Identify different administrator roles
• Describe the delegated administration hierarchy
• Configure common role tasks
• Create and test the custom administrator roles

Module 22 - Managing Application Integration and Single Sign-On

• Examine the different types of application integration within the Portal Server
• Deploy web applications into the Portal Server
• Describe single sign-on (SSO)
• Examine authentication and SSO within the Portal Server
• Describe the Access Manager SSO architecture and API
• Examine proxy authentication
• Describe the operation of the SSO Adapter
• Describe the SSO Adapter features for the Portal Server
• Describe the SSO Adapter administration interface

Module 23 - Installing and Configuring the Secure Remote Access Software

• Describe the Secure Remote Access (SRA) software function
• Identify the SRA software services
• Install the SRA software
• Configure SRA services
• Configure the SRA Gateway
• Configure the SRA software for a new organization
• Describe Portal Server SRA components
• Configure the Rewriter service
• Describe the Proxylet service attributes
• Describe the Netlet service attributes
• Configure the NetFile service

Back to top

Browse Other Course Topic Areas